.if HookFlag==FALSE
invoke InstallHook,hDlg
.if eax!=NULL
mov HookFlag,TRUE
invoke SetDlgItemText,hDlg,IDC_HOOK,addr UnhookText
.endif
.else
invoke UninstallHook
invoke SetDlgItemText,hDlg,IDC_HOOK,addr HookText
mov HookFlag,FALSE
invoke SetDlgItemText,hDlg,IDC_HANDLE,NULL
invoke SetDlgItemText,hDlg,IDC_WNDPROC,NULL
.endif
when the user clicks "UnHook", the edit control doesn't get cleared
invoke SetDlgItemText,hDlg,IDC_HOOK,addr HookText
you can't set the text of a hook :P
where you have IDC_HOOK, you put in the dialog control ID of the control or window that you want to set text for
SetDlgItemText is handy when you do not have the control handle stored someplace, because you can reference it by ID
if you have the handle of the window or control, use SetWindowText
INVOKE SetWindowText,hWnd,offset szText
for windows that have a caption bar, it sets the caption text
for windows or controls that do not have a caption bar (like a button or static control), it sets text inside the window
IDC_HOOK is the ID of a button
in the source code, the edit control carries the ES_READONLY style, but the earlier Set/GetDlgItemText calls executed successfully, just these calls cannot do their work
i don't know why this is happening, but it did happen.
the return value of SetDlgItemText isn't zero, which means it didn't fail
but it just didn't clear the edit control
ok - that might work :P
invoke SetDlgItemText,hDlg,IDC_HANDLE,NULL
invoke SetDlgItemText,hDlg,IDC_WNDPROC,NULL
i think these will crash - you need to point to some text, even if it's a null string
szNull db 0
INVOKE SetDlgItemText,hDlg,IDC_HANDLE,offset szNull
INVOKE SetDlgItemText,hDlg,IDC_WNDPROC,offset szNull
i could be wrong on that one :bg
shortcut method...
push 0
INVOKE SetDlgItemText,hDlg,IDC_HANDLE,esp
INVOKE SetDlgItemText,hDlg,IDC_WNDPROC,esp
pop ecx
i have tested using this
szText db " ",0
.....
invoke SetDlgItemText,hDlg,IDC_WNDPROC,addr szText
but the result just persists, the edit control didn't get cleared
shortcut method...
push 0
INVOKE SetDlgItemText,hDlg,IDC_HANDLE,esp
INVOKE SetDlgItemText,hDlg,IDC_WNDPROC,esp
pop ecx
nice trick! :U
ok - you're going to have to show us more code
here is my guess....
that code is never being executed
i.e., you are not properly intercepting the pushed button message
if it did execute, i think the program would crash with 0xc0000005 error
i have uploaded the source code, see the zip
Quote from: dedndave on April 11, 2012, 06:31:15 PM
ok - you're going to have to show us more code
here is my guess....
that code is never being executed
i.e., you are not properly intercepting the pushed button message
if it did execute, i think the program would crash with 0xc0000005 error
i manually added some code like this
.else
invoke UninstallHook
invoke SetDlgItemText,hDlg,IDC_HOOK,addr HookText
mov HookFlag,FALSE
invoke SetDlgItemText,hDlg,IDC_HANDLE,NULL
invoke MessageBox,hDlg,0,0,MB_OK ;ADD CODE
invoke SetDlgItemText,hDlg,IDC_WNDPROC,NULL
.endif
the MSGBOX executed, but the edit control always displays the last class name
It is already 3:00 am in China, I have to go to sleep now, waiting for your good analysis :toothy
ok
let me start by saying...
Iczelion's tutorials are kind of old :P
they have not been kept up to date, as the masm32 package has been updated
so, some things need a little clean-up just to make it compatible
that includes adding the resource.h file to the resource file
another thing - the name of the DLL, LIB, and INC are "MouseHook"
it is best to name the project files something different - i chose "MHook"
i also made a little batch file to build it - just click on the BAT file and it does everything - much faster for testing code
and - it appears as though the SetDlgItemText function can have a NULL pointer - it is not documented that way
let me tell you - many functions will crash if you do that :bg
once i got the thing to assemble, the Hook/Unhook button text worked ok
but - the edit text boxes were not being cleared out
well - what was really happening - they were being cleared out, then set back to the buffer value
it seems as though you have a WM_MOUSEHOOK message still in the message queue :P
i fixed that by adding a test on HookFlag...
.elseif uMsg==WM_MOUSEHOOK
.if HookFlag==TRUE
;do stuff
.endif
.elseif.........
it seems to work fine, now
interesting little project :P
set the hook, then move the mouse around over different windows and controls
we need to update the Iczelion package
it is for newcomers - who really can't be expected to work through these kinds of issues
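The stale-message problem dedndave describes (the edit boxes are cleared, then set back by a WM_MOUSEHOOK that MouseProc posted just before the hook was removed) and his HookFlag fix can be modelled without a window at all. The following is an added example, not code from the thread or from Iczelion's tutorial: a small Python stand-in for the dialog procedure and its message queue. The message value for WM_MOUSEHOOK and the control ID are assumptions, not the tutorial's real values; the hook runs before a retrieved mouse message is dispatched, so the WM_MOUSEHOOK it posts lands in the queue behind the click that unhooks.

```python
from collections import deque

# WM_COMMAND is the real Windows value. WM_MOUSEHOOK is application-defined;
# WM_USER + 1 and IDC_HOOK = 1001 are constructed values for this example.
WM_COMMAND = 0x0111
WM_USER = 0x0400
WM_MOUSEHOOK = WM_USER + 1
IDC_HOOK = 1001


class HookDialog:
    """Stand-in for the tutorial's dialog proc: a hook flag and two edit boxes."""

    def __init__(self, check_flag_on_mousehook):
        self.hook_flag = False            # HookFlag in the tutorial
        self.edit_handle = ""             # IDC_HANDLE edit box text
        self.edit_wndproc = ""            # IDC_WNDPROC edit box text
        self.check_flag = check_flag_on_mousehook
        self.queue = deque()              # the thread's posted-message queue

    def post_message(self, msg, wparam=0, lparam=0):
        self.queue.append((msg, wparam, lparam))

    def dlg_proc(self, msg, wparam, lparam):
        if msg == WM_COMMAND and wparam == IDC_HOOK:
            if not self.hook_flag:
                self.hook_flag = True     # InstallHook succeeded
            else:
                self.hook_flag = False    # UninstallHook
                self.edit_handle = ""     # SetDlgItemText(IDC_HANDLE, "")
                self.edit_wndproc = ""    # SetDlgItemText(IDC_WNDPROC, "")
        elif msg == WM_MOUSEHOOK:
            # dedndave's fix: drop the message if the hook is already gone
            if self.check_flag and not self.hook_flag:
                return
            self.edit_handle = f"{wparam:08X}"    # window handle under the mouse
            self.edit_wndproc = f"{lparam:08X}"   # its window procedure address

    def run_message_loop(self):
        """Dispatch every queued message, then report what the edit boxes show."""
        while self.queue:
            self.dlg_proc(*self.queue.popleft())
        return (self.edit_handle, self.edit_wndproc)


def run_scenario(check_flag_on_mousehook):
    """Hook, get one report, unhook, then process one stale report."""
    dlg = HookDialog(check_flag_on_mousehook)
    dlg.post_message(WM_COMMAND, IDC_HOOK)                   # user clicks Hook
    dlg.post_message(WM_MOUSEHOOK, 0x000A0B0C, 0x77D30000)   # constructed values
    dlg.post_message(WM_COMMAND, IDC_HOOK)                   # user clicks Unhook
    # MouseProc ran when the click's mouse message was retrieved and posted one
    # more WM_MOUSEHOOK; it is dispatched after the button's WM_COMMAND.
    dlg.post_message(WM_MOUSEHOOK, 0x000A0B0C, 0x77D30000)
    return dlg.run_message_loop()


if __name__ == "__main__":
    print("without HookFlag test:", run_scenario(False))   # stale text comes back
    print("with HookFlag test:   ", run_scenario(True))    # boxes stay empty
```

Without the flag test the loop ends with the boxes showing the last reported handle and procedure, which is exactly the symptom reported above; with it the stale WM_MOUSEHOOK is ignored and the boxes stay cleared. The same pattern applies to any posted notification from a callback that may outlive the state it reports on.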
i downloaded the MHook.zip
it works fine, :U
one more question, when is the mousehook.dll loaded into the calling process,
and when is it mapped into other processes' 2GB address space?
when you run the program, the operating system loads it
if it is not registered, it will look for the DLL in the current folder, then in the system folder (C:\Windows\System32)
you may register the file, then the OS looks in a specific location
.data
hInstance dd 0
....
InstallHook proc hwnd:DWORD
push hwnd
pop hWnd
invoke SetWindowsHookEx,WH_MOUSE,addr MouseProc,hInstance,NULL
mov hHook,eax
ret
InstallHook endp
for this function in the mousehook.dll, when it is called, who is the hInstance's owner?
the process module is the "instance handle"
if you call GetModuleHandle with a parameter of 0, it returns the handle for the current process
when the DLL is loaded, the OS calls the entry point function - this is the simple form of a DLL
DllEntry proc hInst:HINSTANCE, reason:DWORD, reserved1:DWORD
push hInst
pop hInstance
mov eax,TRUE
ret
DllEntry Endp
it is referring to the module handle for the DLL
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682583%28v=vs.85%29.aspx
ok, there is one last thing i want to confirm,
InstallHook proc hwnd:DWORD
push hwnd
pop hWnd
invoke SetWindowsHookEx,WH_MOUSE,addr MouseProc,hInstance,NULL
mov hHook,eax
ret
InstallHook endp
InstallHook will only be called by our main thread, not by any other thread, is that true?
hInstance is declared as initialized data in the .data section because it will only be used with the InstallHook call, which is only triggered by our main thread,
so it can't be shared by other copies of the DLL, other processes would overwrite it
and hWnd or hHook are sharable because they will only be obtained in the DLL associated with our main program
MouseProc proc nCode:DWORD,wParam:DWORD,lParam:DWORD
invoke CallNextHookEx,hHook,nCode,wParam,lParam
mov edx,lParam
assume edx:PTR MOUSEHOOKSTRUCT
invoke WindowFromPoint,[edx].pt.x,[edx].pt.y
invoke PostMessage,hWnd,WM_MOUSEHOOK,eax,0
assume edx:nothing
xor eax,eax
ret
MouseProc endp
and MouseProc will be called by a process that has a mouse message in its message queue,
(Above is all my guess)
but when is the DLL that has MouseProc mapped into the process that has a MOUSE message to send?
this case works very similar to, say, kernel32, or other windows API DLL's
when you build your program, you link with an import library
in the PE (EXE) file, there is a table called the IAT (import address table)
here is the IAT for this program:
004012A2: FF2540204000 jmp dword[00402040] ;user32.wsprintfA
004012A8: FF2538204000 jmp dword[00402038] ;user32.DialogBoxParamA
004012AE: FF252C204000 jmp dword[0040202C] ;user32.EndDialog
004012B4: FF2534204000 jmp dword[00402034] ;user32.GetClassLongA
004012BA: FF2528204000 jmp dword[00402028] ;user32.GetClassNameA
004012C0: FF2524204000 jmp dword[00402024] ;user32.GetDlgItemTextA
004012C6: FF251C204000 jmp dword[0040201C] ;user32.GetWindowRect
004012CC: FF2530204000 jmp dword[00402030] ;user32.SendMessageA
004012D2: FF253C204000 jmp dword[0040203C] ;user32.SetDlgItemTextA
004012D8: FF2520204000 jmp dword[00402020] ;user32.SetWindowPos
004012DE: FF2510204000 jmp dword[00402010] ;kernel32.ExitProcess
004012E4: FF250C204000 jmp dword[0040200C] ;kernel32.GetModuleHandleA
004012EA: FF2514204000 jmp dword[00402014] ;kernel32.lstrcmpiA
004012F0: FF2500204000 jmp dword[00402000] ;MouseHook.InstallHook
004012F6: FF2504204000 jmp dword[00402004] ;MouseHook.UninstallHook
when the operating system loads your program, it resolves these imports by initializing the DLL's and loading the necessary modules
frankly, i would probably add these proc's to the program - they are small and simple
but, it wouldn't be much of a tutorial on DLL's, then :P
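The listing above is the set of import thunks: each one is the 6-byte instruction FF 25 disp32, i.e. jmp dword ptr [disp32], where on 32-bit x86 the disp32 is the absolute address of a 4-byte IAT slot that the loader fills with the real function address. As an added example (not code from the thread or the tutorial), the following Python decodes the page's own listing from the raw bytes, rebuilds the IAT in slot order, groups the imports per module, and adds a defender-side check that each filled slot points inside the module that should export it, which is the usual way to spot an IAT that has been redirected. The module address ranges and slot contents used by demo_check are constructed, not values from the program.

```python
import re
from collections import defaultdict

# The thunk listing exactly as posted above (this program's import thunks).
IAT_LISTING = """\
004012A2: FF2540204000 jmp dword[00402040] ;user32.wsprintfA
004012A8: FF2538204000 jmp dword[00402038] ;user32.DialogBoxParamA
004012AE: FF252C204000 jmp dword[0040202C] ;user32.EndDialog
004012B4: FF2534204000 jmp dword[00402034] ;user32.GetClassLongA
004012BA: FF2528204000 jmp dword[00402028] ;user32.GetClassNameA
004012C0: FF2524204000 jmp dword[00402024] ;user32.GetDlgItemTextA
004012C6: FF251C204000 jmp dword[0040201C] ;user32.GetWindowRect
004012CC: FF2530204000 jmp dword[00402030] ;user32.SendMessageA
004012D2: FF253C204000 jmp dword[0040203C] ;user32.SetDlgItemTextA
004012D8: FF2520204000 jmp dword[00402020] ;user32.SetWindowPos
004012DE: FF2510204000 jmp dword[00402010] ;kernel32.ExitProcess
004012E4: FF250C204000 jmp dword[0040200C] ;kernel32.GetModuleHandleA
004012EA: FF2514204000 jmp dword[00402014] ;kernel32.lstrcmpiA
004012F0: FF2500204000 jmp dword[00402000] ;MouseHook.InstallHook
004012F6: FF2504204000 jmp dword[00402004] ;MouseHook.UninstallHook
"""

THUNK_RE = re.compile(
    r"^(?P<va>[0-9A-F]{8}):\s+(?P<bytes>[0-9A-F]{12})\s+jmp dword\[(?P<slot>[0-9A-F]{8})\]"
    r"\s+;(?P<dll>\w+)\.(?P<func>\w+)$"
)


def decode_thunk(line):
    """Decode one thunk from its bytes; returns (thunk_va, slot_va, dll, func)."""
    m = THUNK_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a thunk line: {line!r}")
    code = bytes.fromhex(m["bytes"])
    if code[:2] != b"\xff\x25":                   # FF 25 = jmp dword ptr [disp32]
        raise ValueError("opcode is not FF 25")
    slot = int.from_bytes(code[2:6], "little")    # absolute slot address (32-bit)
    if slot != int(m["slot"], 16):                # the text must agree with the bytes
        raise ValueError("disassembly text disagrees with the encoded bytes")
    return int(m["va"], 16), slot, m["dll"], m["func"]


def parse_listing(text):
    return [decode_thunk(line) for line in text.splitlines() if line.strip()]


def iat_layout(entries):
    """IAT in slot order as (slot_va, 'dll.func'); None marks a slot no thunk uses."""
    by_slot = {slot: f"{dll}.{func}" for _, slot, dll, func in entries}
    lo, hi = min(by_slot), max(by_slot)
    return [(va, by_slot.get(va)) for va in range(lo, hi + 4, 4)]


def imports_by_module(entries):
    """Imported functions per DLL, in the order their slots appear in the IAT."""
    groups = defaultdict(list)
    for _, slot, dll, func in sorted(entries, key=lambda e: e[1]):
        groups[dll].append(func)
    return dict(groups)


def check_iat(entries, resolved, module_ranges):
    """Return 'dll.func' for every slot whose pointer lies outside its module."""
    bad = []
    for _, slot, dll, func in entries:
        base, end = module_ranges[dll]
        if not base <= resolved[slot] < end:
            bad.append(f"{dll}.{func}")
    return bad


def demo_check(entries):
    """Constructed runtime view: every slot filled correctly except one."""
    module_ranges = {                             # constructed base/end addresses
        "MouseHook": (0x10000000, 0x10010000),
        "kernel32": (0x7C800000, 0x7C900000),
        "user32": (0x7E410000, 0x7E4A0000),
    }
    resolved = {}
    for i, (_, slot, dll, _) in enumerate(entries):
        resolved[slot] = module_ranges[dll][0] + 0x1000 + 0x10 * i
    resolved[0x0040203C] = 0x00405000             # redirected into the EXE image
    return check_iat(entries, resolved, module_ranges)


if __name__ == "__main__":
    entries = parse_listing(IAT_LISTING)
    for va, name in iat_layout(entries):
        print(f"{va:08X} {name or '(unreferenced)'}")
    print(imports_by_module(entries))
    print("slots pointing outside their module:", demo_check(entries))
```

Two things the decoded layout shows that the raw listing does not: the IAT is ordered by DLL (MouseHook, then kernel32, then user32), and slots 00402008 and 00402018 are referenced by no thunk, which is consistent with the zero entry that terminates each DLL's array of addresses in the import table.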
I have read some docs about the import table, and know that the executable's IAT will be filled with the addresses of the functions residing in the DLL by the loader at run time
So the MouseHook.dll is loaded before the main procedure starts,
and my question is: when is the MouseHook.dll mapped into the target process?
also - before the main procedure begins
you mean the MouseHook.dll will be mapped into all processes, but there is no MouseHook.dll in their IAT
no - but it is mapped into your 4 gb of virtual address space
Ok, all is done in the process that installs the hook,
but is there a restriction in the data declaration?
.data
hInstance dd 0
.data?
hHook dd ?
hWnd dd ?
what about if I declare all three handles in the .data section?
the system just increases the dll's use count
because there is nothing to do with other processes
why should the system map the dll into other processes?
I'm highly sure the call is made by the process that owns the window capturing the mouse, because only that process knows the mouse's info, and the
system increases the dll's use count to let that process have access to it to call MouseProc
is it?
i have changed the data declaration into this
.data
hInstance dd 0
hHook dd 0
hWnd dd 0
and the thing turned into a local hook,
so to speak MouseProc was indeed called by the process that captures the mouse
and I don't know, when the system finds there is an unknown handle hWnd, how does it feel